KR20100072014A - Real-time interactive authorization for enterprise search - Google Patents

Abstract

Techniques for providing at least one user access to one or more documents in a collaborative computing environment in accordance with a search engine are provided. The user is presented with search results, wherein the search results comprise at least one document comprising at least one portion to which the user has no access. A request from the user for access to the at least one document is received. A supervising entity is then notified of the user request to access the at least one document. An instruction from the supervising entity is then received. In accordance with the received instruction, the user is granted access to the at least one document.

Description

REAL-TIME INTERACTIVE AUTHORIZATION FOR ENTERPRISE SEARCH}

The present invention provides a user access to one or more documents in a collaborative computing environment via a search engine, and more particularly, to obtain real-time authorization from a supervising entity for access to one or more documents for which the user has restricted access. It's about technology.

Technology has certainly increased information sharing efficiency. However, the need to access shared information faster and without interruption continues to grow. This is especially true when a user wants access to the information but does not have the necessary permissions for access. This situation may be the case for companies. In a corporate environment, groups of people know or assume that documents exist when conducting business transactions, but each group has a different level of access to these documents. For example, if you are planning a business deal, an individual may want all the documentation about that business deal. This document may include conventional email, letters, portable document files (PDF), and the like. Ideally, it is beneficial for an individual to have access to (a) know about the existence of these documents and (b) view the contents of these documents.

Currently, users can search for documents using commercially available search engines. However, none of the currently available search engines efficiently accommodates the above situation. First, current search engines do not allow a user to search a document for which the user does not have access. Thus, the user cannot require access to such documents because they do not know that such documents exist. At present, there is no search engine that allows a user to search a set of documents of various access levels.

Secondly, even if the user finds a document of interest with limited access by the user, the user cannot obtain access to the document quickly and efficiently. Today, if a user wants access to a restricted document, the user must first find out who can grant permission to view the document. Next, the user must find the contact information of the entity that can grant permission. After finding the contact information, the user then must contact the entity via telephone, email or other communication device and persuade the entity to grant permission. Even if the user succeeds in obtaining permission to access the document, the user must wait until the entity sends the document to the user or includes the user on the access list. This entire process is time consuming and inefficient. At present, no search engine provides a user with the ability to search for documents of varying access levels. In addition, no search engine provides users and entities with the ability to interact in real time about access to restricted documents.

Thus, there is a need for a system that allows a user to browse restricted documents and allow a user to gain access to inaccessible documents in quick and real time.

The principles of the present invention provide a technique for providing at least one user access to one or more documents in a collaborative computing environment, and more particularly, through a search engine, real-time access to one or more documents with limited user access. Provide techniques for obtaining approval from the supervisory entity.

According to one aspect of the present invention, a computer-based technique for providing at least one user access to one or more documents in a collaborative computing environment in accordance with a search engine is provided. The user is presented with a search result, the search result including at least one document that includes at least a portion that the user does not have access to. Receive a request from a user to access at least one document. The supervisory entity is then informed of a user request to access at least one document. The command is then received from the supervising entity. According to the received command, the user is authorized to access at least one document.

In a further embodiment, the one or more documents presented to the user in the search results may be selected according to at least one of the user's identity, a policy of the collaborative computing system, and an access control list. In addition, the supervising entity may increase or decrease user access to one or more documents through the search engine. In addition, the search engine may track at least one of user access to one or more documents, approval of access to one or more documents, and level of access to one or more documents.

According to another aspect of the invention, a computer-based method provides for a user to gain access to one or more documents in a collaborative computing environment using a search engine. The user searches for one or more documents, the search engine provides a search result that includes at least one document, and the at least one document includes at least a portion that the user does not have access to. The user then uses the search engine to request access to at least one document, and the search engine notifies the supervisory entity of the request. In response to an instruction from the supervising entity, the user receives access to at least one document via the search engine.

According to another aspect of the present invention, a computer-based method provides for a supervisory entity to authorize user access to one or more documents in a collaborative computing environment using a search engine. The supervisory entity uses the search engine to index one or more documents, and at least one of the one or more documents includes at least a portion to which the user does not have access. The supervisory entity then receives a notification from the search engine of any user request to access at least one document. The supervisory entity then instructs the search engine to provide the user with access to at least one document.

According to another aspect of the invention, an apparatus provides at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine, the apparatus comprising a memory and at least one processor coupled to the memory. . The processor is operable to present the search results to the user, wherein the search results include at least one document that includes at least a portion that the user does not have access to. If the user wants access to a particular document, the processor is further operable to receive a request from the user to access at least one document. After receiving the access request, the processor notifies the supervisory entity of the user request to access the at least one document, receives a command regarding the request from the supervisory entity, and accesses the at least one document in accordance with the received command. Is further operable to authorize the user.

These and other objects, features, and advantages of the present invention will become apparent from the following detailed description of exemplary embodiments, taken in conjunction with the accompanying drawings.

1 is a diagram illustrating an example of a computer-based system that provides at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine, in accordance with an embodiment of the present invention.
2 is a flow diagram illustrating a method for a search engine that provides at least one user access to one or more documents in a collaborative computing environment in accordance with one embodiment of the present invention.
3 is a flow diagram illustrating a method for a user gaining access to one or more documents in a collaborative computing environment using a search engine in accordance with one embodiment of the present invention.
4 is a flow diagram illustrating a method for a supervising entity that authorizes user access to one or more documents in a collaborative computing environment in accordance with an embodiment of the present invention.
5 is a flow diagram illustrating an example of a workflow in accordance with one embodiment of the present invention.
6 is a flowchart illustrating a method for providing at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine, in accordance with an embodiment of the present invention.
7A and 7B are flowcharts illustrating the method of FIG. 6 when applied to a given example in accordance with one embodiment of the present invention.
8 illustrates a hardware implementation of a computing system in which one or more components / methods of the present invention may be implemented, in accordance with an embodiment of the present invention.

As illustrated in detail below, the principles of the present invention provide a technique for providing at least one user access to one or more documents in a collaborative computing environment in accordance with a search engine. More specifically, one embodiment of the present invention includes a technique for granting a user access to at least one document that includes at least a portion that the user does not have access to according to instructions from the supervising entity. Herein, the principles of the present invention are illustrated in connection with an exemplary technique for providing at least one user access to one or more documents in a collaborative computing environment using a search engine.

The term "enterprise" as used herein is intended to be broadly interpreted to include, for example, any organized group (e.g., a stock company, a partnership, etc.), but is not limited to this example. .

The term "workflow", as used herein, is intended to be broadly interpreted to include, for example, any set of fixed instructions used to complete a process, but is not limited to this example. .

The term "collaborative computing environment" as used herein refers to any forum (eg, internet teleconference, virtual conversation, It is intended to be broadly interpreted to include an e-mail, etc., but is not limited to this example.

The term "supervising entity" as used herein is intended to be broadly interpreted to include any party having the authority to authorize user access to a document, for example, an employer, an administrator. ), Managers, supervisors, or automated systems, but are not limited to these examples.

The term "virtual repository", as used herein, is intended to be broadly interpreted to include, for example, any set of pointers to a document, but is not limited to this example, where the documents vary. Stored in the location.

Depending on the search engine, an important challenge in providing user access to one or more documents in a collaborative computing environment is to streamline the process for accessing documents of interest. First, in the conventional method, a user can only see documents to which he has access. Thus, documents with restricted access are identified indirectly (eg, orally, by reading related documents, guessing, etc.). This is time consuming and resource waste. Second, even if the user locates the document of interest with limited access, the conventional method requires the user to get access to the document through other means out of the search environment. Constant attention from the original search affects the user's ability to navigate quickly and efficiently. Thus, there is a need for an efficient process for searching for restricted documents and gaining access to such documents.

First, referring to FIG. 1, an example of a computer-based system for providing at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine, in accordance with an embodiment of the present invention. System 100 illustrates the major components of an improved enterprise search system. In an exemplary embodiment, the enterprise search system is a collaborative computing environment composed of multiple users connected by a networked communication system. The end user terminal 105 is a network computing device through which an end user can initiate a search against the enterprise search server 120. In one preferred embodiment, the end user terminal is a laptop computer with a wireless network interface running an internet browser (eg, Microsoft Internet Explorer, Firefox, etc.). In addition, preferred end-user terminals may include multimedia documents such as text, graphics, and plain text files, Hypertext Markup Language (HTML) web pages, Microsoft Office rich-text documents, Adobe Acrobat files, bitmaps, digital audio, and video files. I can display it. In another embodiment, the end user terminal is a handheld device, such as a personal digital assistant (PDA) or cell phone. The end user terminal may also be a desktop computer or a cable network set top box.

One or more certificates 110 are used to identify the user operating the end user terminal. These credentials may include a logon user ID, digital certificate, search history, employee serial number, or other identifying information. In addition, certificates may directly or indirectly refer to an individual's job, individual's manager, department, work history, and assigned project in the enterprise. The type and format of certificates is well known to the parties in enterprise system administration.

The end user terminal is connected to computer network 115 (116 (a)). In one preferred embodiment, this network is an enterprise network using a well-known Internet Protocol (IP) infrastructure. In another preferred embodiment, the network is further comprised of a satellite network, a public Internet network, a wireless network, an additional private enterprise network, a virtual private network (VPN), a telephone network, and / or a cell phone network. The network functions to allow digital communication between the end user terminal, enterprise search server 120, document server 130, workflow server 140, and document manager terminal 150. In one preferred embodiment, terminals 105, 150 and servers 120, 130, 140 are simultaneously connected to network 115 (116 (a) through 116 (e)). In other embodiments, the devices 105, 120, 130, 140, 150 may be temporarily disconnected from the network, for example polling the network by connecting and disconnecting at periodic intervals. Or request an external event, such as a phone call, fax, email or instant message, to initiate a connection with the network.

The server 120 is a computer that runs the enterprise search service 125. This server allows end users to browse one or more document sets 170. In one exemplary embodiment, the documents 170 (a) through 170 (c) included in the document set are part of a virtual archive where the documents are stored at various locations throughout the network.

IBM OmniFind Enterprise Edition is one such enterprise navigation service. This allows searches to be performed across document sets retrieved through server 130, which maintains secure intranets, corporate public websites, and information extraction applications. The enterprise search service maintains one or more search indices 160 that index documents in the document set (eg, 170 (a), 170 (b), 170 (c)). The search index includes one or more index records 161 (a), 161 (b), and 161 (c) that contain information about a particular document in a document set. In one embodiment, the index records 161 (a), 161 (b), and 161 (c) are the document's access control 162, optional workflow 164, and optional non-confidential synopsis 166). And optionally, there is also a policy of the common system 168.

The access control field 162 allows the enterprise search service to compare the end user's credentials and determine if the end user is authorized to view a given document. In one exemplary embodiment, the enterprise search service may consider additional policies of the common system 168 before authorizing the end user to view the document. For example, the corporate policy may specify that end users cannot preview or access any personal emails of executives.

In one preferred embodiment, the access control field may also allow the enterprise search service to compare the end user's credentials and determine if the end user is authorized to search within a given document. In addition, the access control field can conditionally activate search access in optional portions of a given document. For example, a company's policy may specify that end users may not have access to a portion of a contract document that includes financial specifics, but may search within the items of the service portion of the contract. Another policy may specify that end users can browse the full text of a publication but their preview and view access is limited to the summary or bibliographic details of the publication. The policy may specify that end users may not be able to browse the attachments of the document. Thus, policies can be used to limit or restrict access to one or more documents.

Workflow field 164 identifies one or more workflows. Each workflow describes a series of steps that can conditionally authorize an end user for access to an associated document. Examples of workflows include constructing a message including the text of a search query entered by the end user, the name of the document of interest, and the end user's certificate, sending the message as an instant message to the administrator of the document set; Receiving instructions and permission from an administrator, and then modifying the end user's certificate to grant access to the document of interest. Workflows are interpreted and executed by workflow server 140. Note that the workflow includes administrator contact information that is referenced when sending a message to the administrator.

Optional general outline field 166 includes a brief overview of the document content. In addition, the overview may include only segments of the document that the user has access to preview. In one preferred embodiment, a general overview of the document of interest is presented to the user at the end user terminal. By looking at the overview, the end user can decide to start the workflow. In another embodiment, the general overview is automatically generated by the enterprise search server after the search is executed.

The server 130 is a computer running the document retrieval service 135. The document retrieval service receives a request from an end user terminal and retrieves documents from the document set. The retrieval depends on the access control list 172 of the document set and the end user's certificate. Examples of document retrieval services include Web servers, J2EE application servers, associated database systems, ftp servers, multimedia servers, and content management systems such as Lotus Domino Document Manager and IBM Lotus Notes and Domino 8.

The document retrieval service retrieves documents from one or more document sets. The documents may be text files 174 (a), documents from word processors 174 (b), scanned images (e.g., fax or bitmap) 174 (c), vector graphics files 174 (d). And a multimedia file 174 (e) that includes audio or video clips. Each document is associated with an access control list that identifies the necessary credentials required for the retrieval.

The access control list typically specifies the credentials required for read access and write access. The access control list may optionally specify the necessary credentials to enable copying, printing, modifying or deleting and / or pasting of the document. This access control list can specify a set of other certificates needed for searching within the document, a set of certificates that can be as broad as possible. And, the access control list can identify credentials for accessing portions of the document. For example, an access control list can allow access to certain sheets or cells in a Microsoft Excel spreadsheet. An access control list may allow navigational access to recordings of lecture notes or video presentations, but does not necessarily allow playback of video content.

In one preferred embodiment, enterprise search service 125 is notified and the access control 162 fields for each search index 160 are updated whenever the access control list 172 changes. This allows the enterprise search service to react in time to changes in the access control list. In another embodiment, the enterprise search service periodically polls the document set to identify changes to the document or access control list of the document.

In one preferred embodiment, one or more document managers access the network via the document manager terminal and conditionally authorize end users to access their assigned document sets. In another embodiment, the workflow does not require any approval by the document manager. Thus, the document manager terminal can be omitted from the system.

Server 140 is a computer that directs execution of the workflow. Workflow servers are well known in the art. Production workflow servers can run software such as IBM's MQ Workflow Server and Adobe's Workflow Server. You can also develop software for a custom workflow server to meet your unique workflow requirements.

In another embodiment, servers 120, 130, 140 may be combined into one physical computer. In addition, these servers can be distributed and / or clustered across multiple computers.

The document manager terminal 150 is where supervising entities can receive end user requests for access, control access to documents, and track access to documents. In one exemplary embodiment, end user requests to access a particular document are forwarded from the workflow server. By using the document manager terminal, the supervisory entity has the ability to modify the access control list, approve or remove the type of access, and set an access control policy. In one example, the supervisory entity may approve or deny the request for access after considering the user information and the information about the request document forwarded with the request for access. In addition, the supervisory entity can control access to the document by providing end users with various levels of access. In an example embodiment, the supervisory entity may increase or decrease access to the document, respectively, by unblocking or blocking portions of the request documents. In addition, the supervisory entity may set an access time limit. The command to increase or decrease access is sent to the workflow server where this command is processed and implemented. Implementation of the command may include modifying the end user's certificate or generating a modified version of the initial request document.

In an example further embodiment, the supervisory entity may include or exclude documents from the document set and, via the document manager terminal, include or exclude documents from the search index. In addition, at any time, the supervisory entity may create various levels of access to particular documents by blocking or unblocking portions of documents as described above.

In another exemplary embodiment, document access tracking system 180 allows a supervising entity to grant access to one or more documents, a user access to one or more documents, and a level of access to one or more documents through a document manager terminal. Enable tracking. Tracking data may be stored on an enterprise search server, document search server, or workflow server. In another embodiment, the tracking data can be mirrored across the entire common system.

Referring now to FIG. 2, a flow diagram illustrates a method of a search engine that provides at least one user access to one or more documents in a collaborative computing environment in accordance with one embodiment of the present invention. Please note that the steps of the method below are from the perspective of a search engine server that may be provided by an enterprise search service as described in FIG. The method 200 begins at block 202 where the search engine presents the search results to the user in response to the user query. If the document is inaccessible to the user, the search engine can receive 204 a request from the user to access the document. In response, the search engine notifies the user request to the supervising entity responsible for granting access to the particular document (206). The search engine then waits (208) for receiving a command regarding a user request from the supervising entity. After receiving the command, the search engine can grant access to the user based on the command (210).

Referring now to FIG. 3, a flow diagram illustrates a user's method of gaining access to one or more documents in a collaborative computing environment using a search engine in accordance with one embodiment of the present invention. It should be appreciated that the steps of the method below are from the end user's perspective as described in FIG. 1. The method 300 begins at block 302 where a user searches for documents of interest using a search engine provided by an enterprise search system. After finding the inaccessible document of interest, the user may request access to the document through the search engine (304). The search engine processes and responds to the request. If the request is approved, the user receives 306 access to the request document via the search engine.

Referring now to FIG. 4, a flowchart illustrates a method of a supervising entity that authorizes user access to one or more documents in a collaborative computing environment, in accordance with an embodiment of the present invention. Please note that the steps of the method below are from the perspective of the supervisory entity as described in FIG. 1. The method 400 begins at block 402 where the supervising entity indexes one or more documents into a collaborative computing environment using a search engine. The supervisory entity then receives 404 a notification of any user request to access the inaccessible document. Depending on factors such as user credentials and document sensitivity, the supervisory entity may instruct the search engine to provide various levels of access (406).

Referring now to FIG. 5, a flow diagram illustrates an example of a workflow in accordance with one embodiment of the present invention. Workflow 500 begins at block 502 where it is called and then processes a user request for access. This includes, but is not limited to, obtaining query information, user information, and document information. After processing the request information, the workflow locates and composes a message for the supervising entity responsible for granting access to the document of interest (504). This message is then sent 506 to the supervising entity. After sending the message, the workflow waits for receiving a response from the supervising entity (508). Process any received command, and the workflow changes user access accordingly (510). After making the change, the workflow notifies 512 any party that may be interested in the change in its access. This may include the user who requested access, the supervising entity that granted the access, and any additional supervising entity.

Referring now to FIG. 6, a flow diagram illustrates, in one embodiment of the invention, a method for providing at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine. Process 600 illustrates the steps for obtaining real-time access control through enterprise search. The process begins at block 605 when the end user requests 610 a search through the end user terminal. In one preferred embodiment, this search is done via a web interface. In other embodiments, the search may be initiated via a cell phone, set top box, instant message communication system, or some other graphical user interface (GUI). The search request 611 includes a search criteria 612 and a user certificate 110. In one exemplary embodiment, the search criteria is in the form of concepts and words. Such search needs are well known in the art.

The enterprise search service receives the search request and executes the search (615). The enterprise search service identifies zero or more documents that match the given search criteria in the search request. This result is known as a search hit 630. The enterprise search service divides the search hits into three groups (620). That is, (i) documents viewable by the user because they are included in the access control list, (ii) documents not visible to the user, where these hits are discarded from the search results and are not normally presented to the user- , And (iii) documents that an end user can potentially gain access to by executing a workflow. Each search hit in the third group is annotated 625 for a general overview of the choices and references to the associated workflow. In addition, the search hit is annotated 632 of the status information including the search criteria presented during the search request. All this information is stored 626 in the hit result data structure. In another embodiment, the status information also includes a previous search history (eg, previously executed search criteria and / or search hits). In another further embodiment, the enterprise search index is encoded to enable fast search, sorting, and filtering so that the steps 620, 625, 630 of sorting and annotation are performed in-line with the search run 615. Make it possible.

The search hit and the hit result are then sent to the end user terminal and presented to the end user (650). In one preferred embodiment, search hits are displayed within a web page. Web pages display the name, size, and format of the document, as well as text or short outlines surrounding the hits within the matching document. It also provides hyperlinks or other user interface controls for document retrieval.

The end user reviews the search results and follows one of the hyperlinks in the search results. If the document is restricted, the system initiates a workflow (660). This may include a workflow service that obtains access request information and selects a workflow 662. In one preferred embodiment, the access request data structure includes status, search hits, and end user credentials or information. The selected workflow then causes a document manager 663 to request the access to the restricted document. In one preferred embodiment, the workflow sends access request information to the document manager terminal. In another embodiment, the workflow is executed in the web browser of the end user terminal using a scripting language such as JavaScript. In further embodiments, some or all of the workflow is executed by an enterprise search service through a J2EE web application.

The administrator reviews the request for access, which may include status information and end user certificate information (670), and determines whether to grant access to the requested search hit document (675). In one preferred embodiment, the document manager considers the user's job location. For example, if an end user is requesting sales documents and is sufficiently senior in the sales department, access may be granted. At this point, the document manager can initiate additional workflows or, if necessary, consult other individuals or databases.

If the document manager decides not to grant access, the process ends (699). If the document manager approves the access (680), the user is notified to approve the workflow service access (664) and the access control and / or user certificate of the document or document set is updated. In one preferred embodiment, the document manager may authorize access to the entire document set or portions of the entire document set to anticipate future needs by end users to access other documents in the document set. Further, in further embodiments, the document manager may optionally accept approval 682 using specific instructions. Such commands may include blocking or unblocking portions of certain documents (eg, sensitive text) and actually limit or extend user access to sensitive documents. Further, in another embodiment, the command may set a time limit on granting access to prevent unlimited access to sensitive documents. In one preferred embodiment, the access control fields affected by the search index are also updated. Depending on the implementation of the enterprise search service, this may not be feasible in real time, and such an update is optional.

In another embodiment, the functionality of the document manager is automated and any or all requests are handled through the manager service rather than by individual persons. In addition, there may be a team of document managers receiving requests through a common queue or through other distribution means (eg, a database, instant messaging group or shared email account).

After access is granted, a notification is sent to the document owner and manager (665). In addition, the end user is notified of the access (666). Typical notification means are via email, instant messaging, or fax. In addition, the granting and notifying steps of access may be performed in parallel. In an optional step, the user may be required to receive 690 an approval notification before viewing the document. This is an additional security measure to prevent illegal access to the document and can be implemented by using tokens, authentication certificates or cookies. A token, certificate, or cookie can be attached to a user notification, and the user presents the token, certificate, or cookie when viewing the document of interest. If this step is omitted, execution continues to block 695.

After the notification process, the document retrieval service now allows the end user to retrieve the document because the end user now has the appropriate certificate (695). In another embodiment, after gaining access, the user can execute the search request again and view the document of interest without limitation.

Referring now to FIGS. 7A and 7B, a flowchart illustrates the method of FIG. 6 applied to certain examples in accordance with one embodiment of the present invention. In general terms, for example, block 700 illustrates one embodiment of the present invention. Suppose a sales executive in Atlanta, Georgia, is searching for "Win Strategies" in the telecommunications sector. Sales executives are looking for the best practices and ideas to help them win more business deals. The sales executive first logs on to the corporate navigation website using his personal computer or end user terminal 105 (702). The sales executive first issues a very general search, "cell network win strategy" (704). Enterprise search service 125 returns a number of hits (706). The sales executive then publishes a more specific search, “cell network win strategy Asia Pacific” (708). The enterprise search service executes the search and returns 710 a more manageable number of hits.

The search results are presented in an easy-to-read format in the web browser 712 of the sales executive. The sales executive scans the search results by reading the description of the documents displayed with the search results (714). Sales executives look for corporate analysis documents that appear to be relevant (716). However, this document contains confidential information and is generally not available to employees. Secret documents are labeled with a lock icon, which means that the document cannot be accessed directly, but potentially followed if a link follows. The sales executive simply requires access to view the document by clicking the icon (718). Using a conventional search system, a sales executive will try to figure out how to gain access to the document on his own. Without the lock icon, sales executives don't know how to request access because they don't know where the document is or who can grant access. Typically, a user must rely on a network to backtrack by URL, issue another search for a box around a document, or use a peer (eg, via phone, instant messaging, or email). In this example, the sales executive clicks on the icon and the system knows as a whole that this particular corporate analysis document is under the control of the marketing program manager of the Hong Kong branch. The Hong Kong branch also has a workflow in place to authorize access to the document.

After clicking the icon, the web browser prepares for an access request (720). This process includes generating 722 an information packet of end user credentials, status information, and search hit information.

Referring now to FIG. 7B, the web browser then sends 724 an access request to the workflow service. In this example, the search query, name, job location, and department of the sales executive is forwarded to the workflow server, along with the name of the document the sales executive is requesting. The workflow service takes the forwarded information and loads the workflow (726). The workflow is interpreted (728) and a work ticket is generated (730). The workflow locates the required information and forwards it to the marketing program manager of the Hong Kong branch (732). As a result, the access request message is shown on the desktop of the executive secretary in Hong Kong (734). The executive secretary immediately approves the request or collects additional information from the sales executive by using joint software (736).

Once the executive secretary approves the request (738), the workflow continues and a change request is created to authorize the sales executive to access all corporate analysis documents maintained by the marketing office in Hong Kong (740). The workflow service then notifies 742 the sales executive via email or instant message. The workflow also sends various administrative emails, opens and closes the work ticket as appropriate (744), and terminates the workflow (746). The creation and processing of the change request updates the access control list 172 of all related documents so that the sales executive can be granted read access. This update then causes the corporate search service to update its index 160 so that if the sales executive makes any future searches, the sales executive adds a lock icon next to any hit that references the Hong Kong corporate analysis document set. No longer seen (750).

The notification to the sales executive includes a hypertext link to the corporate analysis document that allows the sales executive to open and view the corporate analysis PDF (748).

Referring now to FIG. 8, block diagram 800 illustrates one or more components / methods of the invention (eg, components / methods described in the context of FIGS. 1-7), in accordance with an embodiment of the invention. Illustrates an example hardware implementation of a computing system in which a) may be implemented.

As shown, a technique for providing at least one user access to one or more documents in a collaborative computing environment in accordance with a search engine may include a processor 810, a memory 812 connected via a bus 818 or other connection device. ), The I / O device 814 and the network interface 816.

It is to be appreciated that the term "processor" as used herein is intended to include any processing device such as, for example, including a central processing unit (CPU) and / or other processing circuitry. Also, it is to be understood that the term "processor" as used herein may refer to more than one processing device and that various elements associated with the processing device may be shared by other processing devices.

As used herein, the term "memory" refers to a processor, such as, for example, RAM, ROM, fixed memory device (e.g., hard drive), removable memory device (e.g., diskette), flash memory, or the like. Or intended to include memory associated with a CPU.

In addition, the phrase “input / output device” or “I / O device” as used herein refers to, for example, one or more input devices (eg, keyboard, mouse, scanner, etc.) for inputting data into the processing unit. And / or one or more output devices (eg, speakers, displays, printers, etc.) for presenting results associated with the processing unit.

Also, as used herein, the phrase “network interface” is intended to include one or more transceivers that enable, for example, a computer system to communicate with other computer systems via appropriate communication protocols.

A software component that includes instructions or code for performing the methods described herein may be stored in one or more of the associated memory devices (eg, ROM, fixed memory, or removable memory) and when ready to be utilized. May be partially or wholly loaded (eg into RAM) and executed by the CPU.

Although the exemplary embodiments of the present invention have been described with reference to the accompanying drawings, the present invention is not limited to these specific embodiments, and various other changes and modifications may be made by those skilled in the art without departing from the spirit or scope of the present invention. Understand that you can.

Claims (10)

A computer-based method for providing at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine.
Presenting a search result to a user, wherein the search result comprises at least one document comprising at least a portion to which the user does not have access;
Receiving a request from the user to access the at least one document;
Notifying a supervising entity of a user request to access the at least one document;
Receiving an instruction for the request from the supervisory entity;
Authorizing the user to access the at least one document in accordance with the received command
Including, computer-based method. The method of claim 1,
And presenting a search result to the user further comprises searching the at least one document in accordance with at least one of a concept and a word. The method of claim 1,
Presenting a search result to the user further includes selecting one of the one or more documents that the user can preview,
Wherein the selecting is in accordance with at least one of an identity of the user, a policy and an access control list of the collaborative computing environment. The method of claim 1,
Presenting a search result to the user further comprises enabling the user to view at least one segment of the at least one document to which the user has access. The method of claim 1,
Wherein the notifying further comprises forwarding user information. The method of claim 1,
Tracking at least one of user access to the one or more documents, granting access to the one or more documents, and level of access to the one or more documents. A computer-based method of using a search engine to gain access to one or more documents in a collaborative computing environment,
Searching for one or more documents using the search engine, the search engine providing a search result comprising at least one document, the at least one document comprising at least a portion to which the user has no access; Wow,
Requesting access to the at least one document using the search engine, wherein the search engine notifies the requesting entity of the request;
Receiving access to the at least one document in accordance with an instruction from the supervising entity
Including, computer-based method. A computer-based method using a search engine to authorize user access to one or more documents in a co-computing environment,
Indexing the one or more documents using the search engine, wherein at least one of the one or more documents includes at least a portion to which the user does not have access;
Receiving a notification of a user request to access the at least one document from the search engine;
Instructing the search engine to provide the user with access to the at least one document.
Including, computer-based method. An apparatus for providing at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine, the apparatus comprising:
With memory,
At least one processor coupled to the memory,
The processor comprising:
(i) present a search result to the user, the search result comprising at least one document comprising at least a portion of which the user does not have access to,
(ii) receive a request from the user to access the at least one document,
(iii) notify a supervisory entity of a user request to access the at least one document,
(iv) receive an instruction for the request from the supervising entity,
(v) operable to grant access to the at least one document to the user in accordance with the received command. An article of manufacture for providing at least one user access to one or more documents in a collaborative computing environment, in accordance with a search engine, comprising:
A computer readable storage medium comprising one or more computer programs,
The computer program, when executed,
Presenting a search result to a user, wherein the search result comprises at least one document comprising at least a portion to which the user does not have access;
Indexing the one or more documents using the search engine, wherein at least one of the one or more documents includes at least a portion to which the user does not have access;
Receiving a request from the user to access the at least one document;
Notifying a supervisory entity of a user request to access the at least one document;
Receiving instructions from the supervisory entity regarding the request;
Authorizing the user to access the at least one document in accordance with the received command
Implementing the article of manufacture.

Images